<?php 

// Site-wide configuration (error management and similar) must load before anything else.
require_once './includes/config.inc.php';

// When false, the submit handler below builds the message but never calls mail().
$live = true;

// Page metadata is assigned before the header template is included
// (presumably header.html reads these two variables -- confirm in the template).
$page_title = 'Newnham College Associates: Contact';
$site_section = 'Contact';
include './includes/header.html';

// Helper includes used further down this script.
include './includes/fetch-user.inc.php';
include './includes/send.inc.php';
require_once './includes/recaptchalib.php';

// Public (site) half of the reCAPTCHA key pair; this half is sent to browsers by design.
// Its only use in this script is the recaptcha_get_html() call, which is currently
// commented out in the form markup, so no CAPTCHA widget is rendered by this page.
$publickey = "6LeHqAAAAAAAAFawjppaIxgADyy8K16a4ssclaxE";

// Fixed preamble placed at the top of every relayed message. It tells the recipient
// that the sender was not shown their address and who else received a copy.
$blurb = "
This message has been sent to you from the Newnham Associates 
website at www.newnhamassociates.org.uk. The sender of this message 
was not told your email address.

Both the Secretary of the Associates and the webmaster have been 
sent a copy of this message. If you do not believe this message 
is genuine, you need do nothing: in particular, please don't reply
to anything that looks as if it may be spam. If there is any
other reason that you do not wish to reply to it, please notify 
either the Secretary at secretary@newnhamassociates.org.uk or
the webmaster at webmaster@newnhamassociates.org.uk

=================================================================

";

// Subject lines: one for genuine relays, one for messages classified as spam.
$subject = "Message from Newnham Associates website";
$spam_subject = "Spam from Newnham Associates website";

// Header block for genuine relays. It is assembled from three pieces:
//   $headers1 - From, X-Mailer and a Bcc line naming the webmaster;
//   $secbcc   - appended straight after $headers1 to add the Secretary to that Bcc line;
//   $headers2 - a line break followed by "Reply-To: ", to which the submit handler
//               appends the name and address typed by the visitor.
// Because visitor input ends up inside this header block, any CR or LF in that input
// would start a new header line; the values must be single-line before they are appended.
// NOTE(review): the header lines are separated by whatever line ending this file uses
// inside the string literal -- confirm that suits the mail transport in use.
$headers1 = "From: webmaster@newnhamassociates.org.uk
X-Mailer: PHP." . phpversion() ."
Bcc: webmaster@newnhamassociates.org.uk";
$secbcc= ", secretary@newnhamassociates.org.uk";
$headers2 = "
Reply-To: ";

// Header block for spam reports: no Bcc and no Reply-To, so it contains no visitor input.
$spam_headers = "From: webmaster@newnhamassociates.org.uk
X-Mailer: PHP." . phpversion();

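// Resolve the recipient named by the "assoc" query parameter.
//
// Accepted values are the literal "sec" (the Secretary) or a decimal user id.
// Anything else -- missing, an array such as assoc[]=x, or a string with other
// characters -- is sent back to the home page before the database is touched.
// The value is later placed in a form action URL and in an SQL statement, so it
// is validated here, at the point where it enters the script.
if (!isset($_GET['assoc']) || !is_string($_GET['assoc'])) {
    user_redirect('/index.php');
    exit(); // Quit the script.
}

$user_id = $_GET['assoc'];
$contact_sec = ($user_id === "sec");

// NOTE(review): ids are assumed to be plain decimal integers, because the logging
// query further down writes the id unquoted and uses 0 for the Secretary -- confirm
// against the users table.
if (!$contact_sec && !preg_match('/\A[0-9]+\z/', $user_id)) {
    user_redirect('/index.php');
    exit(); // Quit the script.
}

require_once ('./mysql_connect.php'); // Connect to the database.

if ($contact_sec) {
  // The Secretary is not looked up; a fixed record is used instead.
  $user_info['first_name'] = "The Secretary";  // 1st name
  $user_info['last_name'] = "of the Associates"; // last name
  $user_info['email_allowed'] = true; // email allowed
  $user_info['email'] = "secretary@newnhamassociates.org.uk";
  $headers = $headers1 . $headers2;
} else {
  $user_info = fetch_user_name($user_id);
  // Messages to an associate are also blind-copied to the Secretary.
  $headers = $headers1 . $secbcc . $headers2;
  if (!$user_info) { // somehow they got a dud user id. Go no further.
    user_redirect('/index.php');
    exit(); // Quit the script.
  }
}
$full_name = "{$user_info['first_name']} {$user_info['last_name']}";
$form_ok = FALSE;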


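// Handle the submitted form: validate it, relay the message, and log the relay.
//
// Reads:  $_POST (name, email, status, message), $user_info, $user_id, $contact_sec,
//         $blurb, $headers, $spam_headers, $subject, $spam_subject, $live.
// Writes: $error_msgs, $form_ok, $is_spam, $mail_sent, plus one row in emails_sent
//         when a message was actually handed to mail().
//
// The handler only runs for recipients who accept web-site contact. Without that
// condition a direct POST would relay mail to someone the page below reports as
// "cannot be contacted", because that check is otherwise made only when rendering.
if (isset($_POST['submitted']) && $user_info['email_allowed']) {
  // validate_mail_form() is defined in an include. As used here, a result with
  // exactly one entry means the form is acceptable, and that entry is either
  // "No spam" or a spam verdict.
  // NOTE(review): confirm that a single ordinary validation error can never be
  // the only entry, otherwise it would be treated as a spam verdict.
  $error_msgs = validate_mail_form();
  $form_ok = (count($error_msgs) == 1);
  $is_spam = ($form_ok && $error_msgs[0] != "No spam");
  if ($form_ok) {
      if ($is_spam) {
          $message = $error_msgs[0] . "\n" . $blurb;
          $message_type = 'spam';
      }
      else {
          $message = $blurb;
          $message_type = 'contact';
      }

      // The name and address are appended to the Reply-To header below, so they
      // must stay on one line: a CR or LF would let the sender add header lines
      // of their own (extra recipients, a different subject, and so on). This is
      // applied regardless of what validate_mail_form() checks.
      $line_breaks = array("\r", "\n");
      $sender_name = str_replace($line_breaks, ' ', stripslashes($_POST['name']));
      $from = str_replace($line_breaks, '', stripslashes($_POST['email']));

      $message .= "Message to:   " . $full_name . "\n\n";
      $message .= "Message from: " . $sender_name . "\n\n";
      $message .= "Email:        " . $from . "\n\n";
      $message .= "Status:       " . $_POST['status'] . "\n\n";
      $message .= "\n\n" . wordwrap(stripslashes($_POST['message']), 70);

      // Use the same cleaned address in the header as in the body and the log.
      $headers .= $sender_name . " <" . $from . ">";
      $to = $user_info['email'];
      $mail_sent = FALSE;
      if ($live)
      {
          if ($is_spam) {
              // Spam goes to the webmaster only, with headers that carry no visitor input.
              $mail_sent = mail("webmaster@newnhamassociates.org.uk",
                                $spam_subject, $message, $spam_headers);
          }
          else {
              $mail_sent = mail($to, $subject, $message, $headers);
          }
          if ($mail_sent) {
              // The Secretary is logged as user 0; every other id is forced to an
              // integer, and each string value is escaped for the open connection,
              // so request data cannot alter the statement.
              $log_user_id = $contact_sec ? 0 : (int) $user_id;
              $query = sprintf(
                  "INSERT INTO emails_sent (when_sent, user_id, email, sender, type) VALUES (NOW(), %d, '%s', '%s', '%s')",
                  $log_user_id,
                  mysql_real_escape_string($to),
                  mysql_real_escape_string($from),
                  mysql_real_escape_string($message_type)
              );
              // NOTE(review): the error text includes the full query and the sender's
              // address; confirm the configured error handler does not show it to visitors.
              $result = mysql_query($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error());
          }
      }
  }
}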

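// Render the page body: a refusal, a result message, or the contact form.
//
// Everything taken from the request is encoded for the context it is written
// into (URL component, attribute value, element text) before it is echoed, so
// submitted text is displayed as text and cannot close the surrounding markup.
mysql_close(); // Close the database connection.

echo "<h1>Contact an Associate</h1>";

if (!$user_info['email_allowed'])
{
  echo "<p>{$full_name} cannot be contacted through the web site. Sorry.</p>\n";
}
elseif ($form_ok)
{ // the form was accepted; report what happened to the message
    if ($mail_sent)
    {
        echo "<p>Your message has been sent to {$full_name}.</p>\n";
    }
    elseif ($live)
    {
        echo "<p>There was a problem sending your message. Please try again.</p>\n";
    }
    else
    {
        echo "<p>The site is not yet live. Your message would have been sent to {$full_name}.</p>\n";
    }
}
else
{ // we are ok to fill the form in
  echo "<p>Your message will be relayed to {$full_name}.</p>\n";

  // errors if necessary
  if (isset($_POST['submitted']) && ! $form_ok) {
    echo '<ul class="formErrors">';
    foreach ($error_msgs as $msg) {
      // NOTE(review): these strings come from validate_mail_form(), which is not
      // visible here. If any of them can contain submitted text, encode it with
      // htmlspecialchars() where the message is built.
      echo "<li> $msg </li>";
    }
    echo '</ul>';
  }

  // The recipient id is written back into the form target as a URL component.
  $assoc_param = is_scalar($user_id) ? urlencode((string) $user_id) : '';

  // Previously submitted values, encoded for HTML. ENT_QUOTES covers both quote
  // styles; the charset is left at PHP's default because the page encoding is
  // not declared in this file. Non-string fields (e.g. name[]=x) are left blank.
  $prev = array('name' => '', 'email' => '', 'message' => '');
  $resubmit = isset($_POST['submitted']);
  if ($resubmit) {
    foreach (array_keys($prev) as $field) {
      if (isset($_POST[$field]) && is_string($_POST[$field])) {
        $prev[$field] = htmlspecialchars($_POST[$field], ENT_QUOTES);
      }
    }
  }

  echo "<form action=\"sendMessage.php?assoc=$assoc_param\" method=\"post\">\n";
  echo "<table>\n";

  echo "<tr><td>Your status:</td>\n
        <td><select name=\"status\" >\n
        <option>--Choose--</option>\n
        <option>Junior Member</option>\n
        <option>Senior Member</option>\n
        <option>Member of the Roll</option>\n
        <option>Associate</option>\n
        </select>\n
        </td>\n
        <td class=\"explanation\">This facility is for the use of Junior Members, Senior Members and Members of the Roll (former students) of Newnham College. </td>\n
        </tr>\n";

  // The trailing space after maxlength keeps the attributes separated when a
  // value attribute follows.
  echo "<tr><td>Your name:</td><td colspan=\"2\"><input type=\"text\" name=\"name\" size=\"40\" maxlength=\"40\" ";
  if ($resubmit) {
    echo "value=\"{$prev['name']}\" ";
  }
  echo "/></td></tr>\n";

  echo "<tr><td>Your email address:</td><td colspan=\"2\"><input type=\"text\" name=\"email\" size=\"40\" maxlength=\"40\" ";
  if ($resubmit) {
    echo "value=\"{$prev['email']}\" ";
  }
  echo "/></td></tr>\n";

  echo "<tr><td>Your message:</td><td colspan=\"2\"><textarea name=\"message\" cols=\"55\" rows=\"8\">";
  if ($resubmit) {
    echo $prev['message'];
  }
  echo "</textarea></td></tr>\n";

  echo "</table>\n";

  echo "<div align=\"center\"  style=\"margin-top: 1em;\">";
  // The reCAPTCHA widget is disabled here, so the form is rendered without one.
  // NOTE(review): whether any challenge is still enforced depends on
  // validate_mail_form(), which is not visible in this file.
  //echo recaptcha_get_html($publickey);
  echo "\n<input type=\"submit\" name=\"Submit\" value=\"Send\" /></div>\n";
  echo "<input type=\"hidden\" name=\"submitted\" value=\"TRUE\" />\n";
  echo "</form>\n";
}

// Include the HTML footer file.
include ('./includes/footer.html');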
?>